IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

VirtualProtect

ReleaseMutex

lstrcatA

HeapReAlloc

CreateEventW

VirtualAlloc

GetModuleHandleA

CreateThread

WideCharToMultiByte

Sleep

lstrcmpiA

FindFirstFileW

WaitForSingleObject

ExpandEnvironmentStringsW

GetFileAttributesA

lstrcatW

CryptGetHashParam

RegEnumKeyExA

CryptAcquireContextW

CryptHashData

CryptCreateHash

CryptReleaseContext

CryptDestroyHash

RegCreateKeyExA

RegQueryValueExA

RegSetValueExA

RegCloseKey

GetUserNameW

DuplicateTokenEx

PathCombineW

PathRemoveFileSpecW

PathMatchSpecW

PathFindFileNameW

SHDeleteKeyA

wvnsprintfA

StrCmpNIW

PathFileExistsW

wvnsprintfW

StrStrW

wnsprintfW

wnsprintfA

StrCmpNIA

MsgWaitForMultipleObjects

CloseWindowStation

ExitWindowsEx

GetWindowThreadProcessId

SetThreadDesktop

FindWindowExA

GetCursorPos

GetForegroundWindow

CharLowerBuffA

GetClipboardData

SendMessageA

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE